package com.hmall.order.interceptor;

import com.hmall.order.Context.BaseContext;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * authorization校验的拦截器
 */
@Component
@Slf4j
public class HandlerInterceptorImpl implements HandlerInterceptor {

    /**
     * 校验authorization
     *
     * @param request
     * @param response
     * @param handler
     * @return
     * @throws Exception
     */
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // 判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            // 当前拦截到的不是动态方法，直接放行
            return true;
        }
        // 1、从请求头中获取authorization
        String userId = request.getHeader("authorization");
        // 2、校验authorization
        //3、添加authorization到BaseContext
        try {
            log.info("用户id:{}", userId);
            BaseContext.setCurrentId(Long.valueOf(userId));
            // 4、通过，放行
            return true;
        } catch (Exception ex) {
            // 4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }
    }
}
